2 matches found
PT-2022-25501 · Ragic · Ragic
Name of the Vulnerable Software and Affected Versions: Ragic affected versions not specified Description: The issue concerns insufficient filtering for special characters on the report generation page, allowing a remote attacker with general user privileges to inject JavaScript and perform a...
CVE-2022-35221
Teamplus Pro community discussion has an ‘allocation of resource without limits or throttling’ vulnerability on thread subject field. A remote attacker with general user privilege posting a thread subject with large content can cause the server to allocate too much memory, leading to missing...